lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <40C799D3.7020901@doxdesk.com>
From: and-bugtraq at doxdesk.com (Andrew Clover)
Subject: tvm.exe / poll each.exe / blehdefyreal toolbar

mark@...ards.org wrote:

> Anybody know about some trojan(s) that spawn a "tvm.exe" process

Probably the recent new TVMedia variant.

> inserts a "blehdefyreal" toolbar into IE

There are a few parasites that use such random names. This is likely lop.

> and hijacks the IE homepage  to point to allaboutsearching.com?

This is definitely lop.

> This thing also opens pop-ups pointing to this page:

> http://69.20.62.53/yyy3.html

That's Look2Me.

The likelihood is you have *many* parasites installed. Ad-Aware and 
Spybot may be able to remove a lot, but if you're massively infected a 
reinstall may indeed be easier/safer.

-- 
Andrew Clover
mailto:and@...desk.com
http://www.doxdesk.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ